@ -0,0 +1 @@ | |||
github: [blueimp] |
@ -0,0 +1,84 @@ | |||
name: Test | |||
on: [push, pull_request] | |||
jobs: | |||
lint: | |||
runs-on: ubuntu-latest | |||
steps: | |||
- uses: actions/checkout@v1 | |||
- name: Setup Node.js | |||
uses: actions/setup-node@v1 | |||
with: | |||
node-version: 12.x | |||
- name: npm install | |||
run: npm install | |||
env: | |||
CI: true | |||
- name: lint | |||
run: npm run lint | |||
env: | |||
CI: true | |||
mocha: | |||
runs-on: ubuntu-latest | |||
steps: | |||
- uses: actions/checkout@v1 | |||
- name: chmod | |||
run: chmod -R 777 server/php/files | |||
- name: docker-compose build | |||
run: docker-compose build example mocha | |||
- name: mocha | |||
run: docker-compose run --rm mocha | |||
- name: docker-compose logs | |||
if: always() | |||
run: docker-compose logs example | |||
- name: docker-compose down | |||
if: always() | |||
run: docker-compose down -v | |||
wdio-chrome: | |||
runs-on: ubuntu-latest | |||
steps: | |||
- uses: actions/checkout@v1 | |||
- name: chmod | |||
run: chmod -R 777 server/php/files wdio/reports | |||
- name: docker-compose build | |||
run: docker-compose build example | |||
- name: wdio chrome | |||
run: docker-compose run --rm wdio | |||
- name: docker-compose logs | |||
if: always() | |||
run: docker-compose logs example | |||
- name: docker-compose down | |||
if: always() | |||
run: docker-compose down -v | |||
- name: Upload reports | |||
if: always() | |||
uses: actions/upload-artifact@master | |||
with: | |||
name: reports | |||
path: wdio/reports | |||
wdio-firefox: | |||
runs-on: ubuntu-latest | |||
steps: | |||
- uses: actions/checkout@v1 | |||
- name: chmod | |||
run: chmod -R 777 server/php/files wdio/reports | |||
- name: docker-compose build | |||
run: docker-compose build example | |||
- name: wdio firefox | |||
run: docker-compose run --rm wdio firefox | |||
- name: docker-compose logs | |||
if: always() | |||
run: docker-compose logs example | |||
- name: docker-compose down | |||
if: always() | |||
run: docker-compose down -v | |||
- name: Upload reports | |||
if: always() | |||
uses: actions/upload-artifact@master | |||
with: | |||
name: reports | |||
path: wdio/reports |
@ -1,3 +1,3 @@ | |||
.DS_Store | |||
*.pyc | |||
.env | |||
node_modules |
@ -1,81 +0,0 @@ | |||
{ | |||
"bitwise" : true, // true: Prohibit bitwise operators (&, |, ^, etc.) | |||
"camelcase" : true, // true: Identifiers must be in camelCase | |||
"curly" : true, // true: Require {} for every new block or scope | |||
"eqeqeq" : true, // true: Require triple equals (===) for comparison | |||
"forin" : true, // true: Require filtering for..in loops with obj.hasOwnProperty() | |||
"immed" : true, // true: Require immediate invocations to be wrapped in parens | |||
// e.g. `(function () { } ());` | |||
"indent" : 4, // {int} Number of spaces to use for indentation | |||
"latedef" : true, // true: Require variables/functions to be defined before being used | |||
"newcap" : true, // true: Require capitalization of all constructor functions e.g. `new F()` | |||
"noarg" : true, // true: Prohibit use of `arguments.caller` and `arguments.callee` | |||
"noempty" : true, // true: Prohibit use of empty blocks | |||
"nonew" : true, // true: Prohibit use of constructors for side-effects (without assignment) | |||
"plusplus" : false, // true: Prohibit use of `++` & `--` | |||
"quotmark" : "single", // Quotation mark consistency: | |||
// false : do nothing (default) | |||
// true : ensure whatever is used is consistent | |||
// "single" : require single quotes | |||
// "double" : require double quotes | |||
"undef" : true, // true: Require all non-global variables to be declared (prevents global leaks) | |||
"unused" : true, // true: Require all defined variables be used | |||
"strict" : true, // true: Requires all functions run in ES5 Strict Mode | |||
"trailing" : true, // true: Prohibit trailing whitespaces | |||
"maxparams" : false, // {int} Max number of formal params allowed per function | |||
"maxdepth" : false, // {int} Max depth of nested blocks (within functions) | |||
"maxstatements" : false, // {int} Max number statements per function | |||
"maxcomplexity" : false, // {int} Max cyclomatic complexity per function | |||
"maxlen" : false, // {int} Max number of characters per line | |||
// Relaxing | |||
"asi" : false, // true: Tolerate Automatic Semicolon Insertion (no semicolons) | |||
"boss" : false, // true: Tolerate assignments where comparisons would be expected | |||
"debug" : false, // true: Allow debugger statements e.g. browser breakpoints. | |||
"eqnull" : false, // true: Tolerate use of `== null` | |||
"es5" : false, // true: Allow ES5 syntax (ex: getters and setters) | |||
"esnext" : false, // true: Allow ES.next (ES6) syntax (ex: `const`) | |||
"moz" : false, // true: Allow Mozilla specific syntax (extends and overrides esnext features) | |||
// (ex: `for each`, multiple try/catch, function expression…) | |||
"evil" : false, // true: Tolerate use of `eval` and `new Function()` | |||
"expr" : false, // true: Tolerate `ExpressionStatement` as Programs | |||
"funcscope" : false, // true: Tolerate defining variables inside control statements" | |||
"globalstrict" : false, // true: Allow global "use strict" (also enables 'strict') | |||
"iterator" : false, // true: Tolerate using the `__iterator__` property | |||
"lastsemic" : false, // true: Tolerate omitting a semicolon for the last statement of a 1-line block | |||
"laxbreak" : false, // true: Tolerate possibly unsafe line breakings | |||
"laxcomma" : false, // true: Tolerate comma-first style coding | |||
"loopfunc" : false, // true: Tolerate functions being defined in loops | |||
"multistr" : false, // true: Tolerate multi-line strings | |||
"proto" : false, // true: Tolerate using the `__proto__` property | |||
"scripturl" : false, // true: Tolerate script-targeted URLs | |||
"smarttabs" : false, // true: Tolerate mixed tabs/spaces when used for alignment | |||
"shadow" : false, // true: Allows re-define variables later in code e.g. `var x=1; x=2;` | |||
"sub" : false, // true: Tolerate using `[]` notation when it can still be expressed in dot notation | |||
"supernew" : false, // true: Tolerate `new function () { ... };` and `new Object;` | |||
"validthis" : false, // true: Tolerate using this in a non-constructor function | |||
// Environments | |||
"browser" : false, // Web Browser (window, document, etc) | |||
"couch" : false, // CouchDB | |||
"devel" : false, // Development/debugging (alert, confirm, etc) | |||
"dojo" : false, // Dojo Toolkit | |||
"jquery" : false, // jQuery | |||
"mootools" : false, // MooTools | |||
"node" : false, // Node.js | |||
"nonstandard" : false, // Widely adopted globals (escape, unescape, etc) | |||
"prototypejs" : false, // Prototype and Scriptaculous | |||
"rhino" : false, // Rhino | |||
"worker" : false, // Web Workers | |||
"wsh" : false, // Windows Scripting Host | |||
"yui" : false, // Yahoo User Interface | |||
// Legacy | |||
"nomen" : true, // true: Prohibit dangling `_` in variables | |||
"onevar" : true, // true: Allow only one `var` statement per function | |||
"passfail" : false, // true: Stop on first error | |||
"white" : true, // true: Check against strict whitespace and indentation rules | |||
// Custom Globals | |||
"globals" : {} // additional predefined global variables | |||
} |
@ -1,20 +0,0 @@ | |||
* | |||
!css/jquery.fileupload-noscript.css | |||
!css/jquery.fileupload-ui-noscript.css | |||
!css/jquery.fileupload-ui.css | |||
!css/jquery.fileupload.css | |||
!img/loading.gif | |||
!img/progressbar.gif | |||
!js/cors/jquery.postmessage-transport.js | |||
!js/cors/jquery.xdr-transport.js | |||
!js/vendor/jquery.ui.widget.js | |||
!js/jquery.fileupload-angular.js | |||
!js/jquery.fileupload-audio.js | |||
!js/jquery.fileupload-image.js | |||
!js/jquery.fileupload-jquery-ui.js | |||
!js/jquery.fileupload-process.js | |||
!js/jquery.fileupload-ui.js | |||
!js/jquery.fileupload-validate.js | |||
!js/jquery.fileupload-video.js | |||
!js/jquery.fileupload.js | |||
!js/jquery.iframe-transport.js |
@ -1,15 +0,0 @@ | |||
Please follow these pull request guidelines: | |||
1. Update your fork to the latest upstream version. | |||
2. Follow the coding conventions of the original source files (indentation, spaces, brackets layout). | |||
3. Code changes must pass JSHint validation with the `.jshintrc` settings of this project. | |||
4. Code changes must pass the QUnit tests defined in the `test` folder. | |||
5. New features should be covered by accompanying QUnit tests. | |||
6. Keep your commits as atomic as possible, i.e. create a new commit for every single bug fix or feature added. | |||
7. Always add meaningful commit messages. |
@ -1,121 +1,225 @@ | |||
# jQuery File Upload Plugin | |||
# jQuery File Upload | |||
## Contents | |||
- [Description](#description) | |||
- [Demo](#demo) | |||
- [Features](#features) | |||
- [Security](#security) | |||
- [Setup](#setup) | |||
- [Requirements](#requirements) | |||
- [Mandatory requirements](#mandatory-requirements) | |||
- [Optional requirements](#optional-requirements) | |||
- [Cross-domain requirements](#cross-domain-requirements) | |||
- [Browsers](#browsers) | |||
- [Desktop browsers](#desktop-browsers) | |||
- [Mobile browsers](#mobile-browsers) | |||
- [Extended browser support information](#extended-browser-support-information) | |||
- [Testing](#testing) | |||
- [Support](#support) | |||
- [License](#license) | |||
## Description | |||
File Upload widget with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video for jQuery. | |||
Supports cross-domain, chunked and resumable file uploads and client-side image resizing. Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads. | |||
## Demo | |||
[Demo File Upload](https://blueimp.github.io/jQuery-File-Upload/) | |||
## ⚠️ Security Notice | |||
Security related releases: | |||
* [v9.25.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.25.1) Mitigates some [Potential vulnerabilities with PHP+ImageMagick](VULNERABILITIES.md#potential-vulnerabilities-with-php-imagemagick). | |||
* [v9.24.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.24.1) Fixes a [Remote code execution vulnerability in the PHP component](VULNERABILITIES.md#remote-code-execution-vulnerability-in-the-php-component). | |||
* v[9.10.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/9.10.1) Fixes an [Open redirect vulnerability in the GAE components](VULNERABILITIES.md#open-redirect-vulnerability-in-the-gae-components). | |||
* Commit [4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a) (*fixed in all tagged releases*) Fixes a [Cross-site scripting vulnerability in the Iframe Transport](VULNERABILITIES.md#cross-site-scripting-vulnerability-in-the-iframe-transport). | |||
> File Upload widget with multiple file selection, drag&drop support, | |||
> progress bars, validation and preview images, audio and video for jQuery. | |||
> Supports cross-domain, chunked and resumable file uploads and client-side | |||
> image resizing. | |||
> Works with any server-side platform (PHP, Python, Ruby on Rails, Java, | |||
> Node.js, Go etc.) that supports standard HTML form file uploads. | |||
Please read the [SECURITY](SECURITY.md) document for instructions on how to securely configure your Webserver for file uploads. | |||
## Demo | |||
## Setup | |||
* [How to setup the plugin on your website](https://github.com/blueimp/jQuery-File-Upload/wiki/Setup) | |||
* [How to use only the basic plugin (minimal setup guide).](https://github.com/blueimp/jQuery-File-Upload/wiki/Basic-plugin) | |||
[Demo File Upload](https://blueimp.github.io/jQuery-File-Upload/) | |||
## Features | |||
* **Multiple file upload:** | |||
- **Multiple file upload:** | |||
Allows to select multiple files at once and upload them simultaneously. | |||
* **Drag & Drop support:** | |||
Allows to upload files by dragging them from your desktop or file manager and dropping them on your browser window. | |||
* **Upload progress bar:** | |||
Shows a progress bar indicating the upload progress for individual files and for all uploads combined. | |||
* **Cancelable uploads:** | |||
- **Drag & Drop support:** | |||
Allows to upload files by dragging them from your desktop or file manager and | |||
dropping them on your browser window. | |||
- **Upload progress bar:** | |||
Shows a progress bar indicating the upload progress for individual files and | |||
for all uploads combined. | |||
- **Cancelable uploads:** | |||
Individual file uploads can be canceled to stop the upload progress. | |||
* **Resumable uploads:** | |||
- **Resumable uploads:** | |||
Aborted uploads can be resumed with browsers supporting the Blob API. | |||
* **Chunked uploads:** | |||
Large files can be uploaded in smaller chunks with browsers supporting the Blob API. | |||
* **Client-side image resizing:** | |||
Images can be automatically resized on client-side with browsers supporting the required JS APIs. | |||
* **Preview images, audio and video:** | |||
A preview of image, audio and video files can be displayed before uploading with browsers supporting the required APIs. | |||
* **No browser plugins (e.g. Adobe Flash) required:** | |||
The implementation is based on open standards like HTML5 and JavaScript and requires no additional browser plugins. | |||
* **Graceful fallback for legacy browsers:** | |||
Uploads files via XMLHttpRequests if supported and uses iframes as fallback for legacy browsers. | |||
* **HTML file upload form fallback:** | |||
Allows progressive enhancement by using a standard HTML file upload form as widget element. | |||
* **Cross-site file uploads:** | |||
Supports uploading files to a different domain with cross-site XMLHttpRequests or iframe redirects. | |||
* **Multiple plugin instances:** | |||
- **Chunked uploads:** | |||
Large files can be uploaded in smaller chunks with browsers supporting the | |||
Blob API. | |||
- **Client-side image resizing:** | |||
Images can be automatically resized on client-side with browsers supporting | |||
the required JS APIs. | |||
- **Preview images, audio and video:** | |||
A preview of image, audio and video files can be displayed before uploading | |||
with browsers supporting the required APIs. | |||
- **No browser plugins (e.g. Adobe Flash) required:** | |||
The implementation is based on open standards like HTML5 and JavaScript and | |||
requires no additional browser plugins. | |||
- **Graceful fallback for legacy browsers:** | |||
Uploads files via XMLHttpRequests if supported and uses iframes as fallback | |||
for legacy browsers. | |||
- **HTML file upload form fallback:** | |||
Allows progressive enhancement by using a standard HTML file upload form as | |||
widget element. | |||
- **Cross-site file uploads:** | |||
Supports uploading files to a different domain with cross-site XMLHttpRequests | |||
or iframe redirects. | |||
- **Multiple plugin instances:** | |||
Allows to use multiple plugin instances on the same webpage. | |||
* **Customizable and extensible:** | |||
Provides an API to set individual options and define callback methods for various upload events. | |||
* **Multipart and file contents stream uploads:** | |||
Files can be uploaded as standard "multipart/form-data" or file contents stream (HTTP PUT file upload). | |||
* **Compatible with any server-side application platform:** | |||
Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads. | |||
- **Customizable and extensible:** | |||
Provides an API to set individual options and define callback methods for | |||
various upload events. | |||
- **Multipart and file contents stream uploads:** | |||
Files can be uploaded as standard "multipart/form-data" or file contents | |||
stream (HTTP PUT file upload). | |||
- **Compatible with any server-side application platform:** | |||
Works with any server-side platform (PHP, Python, Ruby on Rails, Java, | |||
Node.js, Go etc.) that supports standard HTML form file uploads. | |||
## Security | |||
⚠️ Please read the [VULNERABILITIES](VULNERABILITIES.md) document for a list of | |||
fixed vulnerabilities | |||
Please also read the [SECURITY](SECURITY.md) document for instructions on how to | |||
securely configure your Webserver for file uploads. | |||
## Setup | |||
jQuery File Upload can be installed via [NPM](https://www.npmjs.com/): | |||
```sh | |||
npm install blueimp-file-upload | |||
``` | |||
This allows you to include [jquery.fileupload.js](js/jquery.fileupload.js) and | |||
its extensions via `node_modules`, e.g: | |||
```html | |||
<script src="node_modules/blueimp-file-upload/js/jquery.fileupload.js"></script> | |||
``` | |||
The widget can then be initialized on a file upload form the following way: | |||
```js | |||
$('#fileupload').fileupload(); | |||
``` | |||
For further information, please refer to the following guides: | |||
- [Main documentation page](https://github.com/blueimp/jQuery-File-Upload/wiki) | |||
- [List of all available Options](https://github.com/blueimp/jQuery-File-Upload/wiki/Options) | |||
- [The plugin API](https://github.com/blueimp/jQuery-File-Upload/wiki/API) | |||
- [How to setup the plugin on your website](https://github.com/blueimp/jQuery-File-Upload/wiki/Setup) | |||
- [How to use only the basic plugin.](https://github.com/blueimp/jQuery-File-Upload/wiki/Basic-plugin) | |||
## Requirements | |||
### Mandatory requirements | |||
* [jQuery](https://jquery.com/) v. 1.6+ | |||
* [jQuery UI widget factory](https://api.jqueryui.com/jQuery.widget/) v. 1.9+ (included): Required for the basic File Upload plugin, but very lightweight without any other dependencies from the jQuery UI suite. | |||
* [jQuery Iframe Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/jquery.iframe-transport.js) (included): Required for [browsers without XHR file upload support](https://github.com/blueimp/jQuery-File-Upload/wiki/Browser-support). | |||
- [jQuery](https://jquery.com/) v1.6+ | |||
- [jQuery UI widget factory](https://api.jqueryui.com/jQuery.widget/) v1.9+ | |||
(included): Required for the basic File Upload plugin, but very lightweight | |||
without any other dependencies from the jQuery UI suite. | |||
- [jQuery Iframe Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/jquery.iframe-transport.js) | |||
(included): Required for | |||
[browsers without XHR file upload support](https://github.com/blueimp/jQuery-File-Upload/wiki/Browser-support). | |||
### Optional requirements | |||
* [JavaScript Templates engine](https://github.com/blueimp/JavaScript-Templates) v. 2.5.4+: Used to render the selected and uploaded files for the Basic Plus UI and jQuery UI versions. | |||
* [JavaScript Load Image library](https://github.com/blueimp/JavaScript-Load-Image) v. 1.13.0+: Required for the image previews and resizing functionality. | |||
* [JavaScript Canvas to Blob polyfill](https://github.com/blueimp/JavaScript-Canvas-to-Blob) v. 2.1.1+:Required for the image previews and resizing functionality. | |||
* [blueimp Gallery](https://github.com/blueimp/Gallery) v. 2.15.1+: Used to display the uploaded images in a lightbox. | |||
* [Bootstrap](http://getbootstrap.com/) v. 3.2.0+ | |||
* [Glyphicons](http://glyphicons.com/) | |||
The user interface of all versions, except the jQuery UI version, is built with [Bootstrap](http://getbootstrap.com/) and icons from [Glyphicons](http://glyphicons.com/). | |||
- [JavaScript Templates engine](https://github.com/blueimp/JavaScript-Templates) | |||
v3+: Used to render the selected and uploaded files for the Basic Plus UI and | |||
jQuery UI versions. | |||
- [JavaScript Load Image library](https://github.com/blueimp/JavaScript-Load-Image) | |||
v2+: Required for the image previews and resizing functionality. | |||
- [JavaScript Canvas to Blob polyfill](https://github.com/blueimp/JavaScript-Canvas-to-Blob) | |||
v3+:Required for the image previews and resizing functionality. | |||
- [blueimp Gallery](https://github.com/blueimp/Gallery) v2+: Used to display the | |||
uploaded images in a lightbox. | |||
- [Bootstrap](https://getbootstrap.com/) v3+: Used for the demo design. | |||
- [Glyphicons](https://glyphicons.com/) Icon set used by Bootstrap. | |||
### Cross-domain requirements | |||
[Cross-domain File Uploads](https://github.com/blueimp/jQuery-File-Upload/wiki/Cross-domain-uploads) using the [Iframe Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/jquery.iframe-transport.js) require a redirect back to the origin server to retrieve the upload results. The [example implementation](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/main.js) makes use of [result.html](https://github.com/blueimp/jQuery-File-Upload/blob/master/cors/result.html) as a static redirect page for the origin server. | |||
The repository also includes the [jQuery XDomainRequest Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/cors/jquery.xdr-transport.js), which enables limited cross-domain AJAX requests in Microsoft Internet Explorer 8 and 9 (IE 10 supports cross-domain XHR requests). | |||
The XDomainRequest object allows GET and POST requests only and doesn't support file uploads. It is used on the [Demo](https://blueimp.github.io/jQuery-File-Upload/) to delete uploaded files from the cross-domain demo file upload service. | |||
### Custom Backends | |||
You can add support for various backends by adhering to the specification [outlined here](https://github.com/blueimp/jQuery-File-Upload/wiki/JSON-Response). | |||
[Cross-domain File Uploads](https://github.com/blueimp/jQuery-File-Upload/wiki/Cross-domain-uploads) | |||
using the | |||
[Iframe Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/jquery.iframe-transport.js) | |||
require a redirect back to the origin server to retrieve the upload results. The | |||
[example implementation](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/main.js) | |||
makes use of | |||
[result.html](https://github.com/blueimp/jQuery-File-Upload/blob/master/cors/result.html) | |||
as a static redirect page for the origin server. | |||
The repository also includes the | |||
[jQuery XDomainRequest Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/cors/jquery.xdr-transport.js), | |||
which enables limited cross-domain AJAX requests in Microsoft Internet Explorer | |||
8 and 9 (IE 10 supports cross-domain XHR requests). | |||
The XDomainRequest object allows GET and POST requests only and doesn't support | |||
file uploads. It is used on the | |||
[Demo](https://blueimp.github.io/jQuery-File-Upload/) to delete uploaded files | |||
from the cross-domain demo file upload service. | |||
## Browsers | |||
### Desktop browsers | |||
The File Upload plugin is regularly tested with the latest browser versions and supports the following minimal versions: | |||
* Google Chrome | |||
* Apple Safari 4.0+ | |||
* Mozilla Firefox 3.0+ | |||
* Opera 11.0+ | |||
* Microsoft Internet Explorer 6.0+ | |||
The File Upload plugin is regularly tested with the latest browser versions and | |||
supports the following minimal versions: | |||
- Google Chrome | |||
- Apple Safari 4.0+ | |||
- Mozilla Firefox 3.0+ | |||
- Opera 11.0+ | |||
- Microsoft Internet Explorer 6.0+ | |||
### Mobile browsers | |||
The File Upload plugin has been tested with and supports the following mobile browsers: | |||
* Apple Safari on iOS 6.0+ (see Caveats below) | |||
* Google Chrome on iOS 6.0+ (see Caveats below) | |||
* Google Chrome on Android 4.0+ | |||
* Default Browser on Android 2.3+ | |||
* Opera Mobile 12.0+ | |||
The File Upload plugin has been tested with and supports the following mobile | |||
browsers: | |||
- Apple Safari on iOS 6.0+ | |||
- Google Chrome on iOS 6.0+ | |||
- Google Chrome on Android 4.0+ | |||
- Default Browser on Android 2.3+ | |||
- Opera Mobile 12.0+ | |||
### Extended browser support information | |||
For a detailed overview of the features supported by each browser version and | |||
known operating system / browser bugs, please have a look at the | |||
[Extended browser support information](https://github.com/blueimp/jQuery-File-Upload/wiki/Browser-support). | |||
### Caveats | |||
## Testing | |||
- iOS 9 has a [known bug](https://apple.stackexchange.com/questions/118154) where photos chosen from the Photo Library are all given the name `image.jpeg`, which is problematic when uploading multiple files at a time. Ideally your server should be responsible for deduplicating file uploads ([example](https://github.com/blueimp/jQuery-File-Upload/blob/master/server/php/UploadHandler.php#L490)). If you don't have control, as in the case of direct uploads to S3, you can pass an option `uniqueFilenames: {}` as part of the options object, which tells the uploader to deduplicate filenames. More details [here](https://github.com/blueimp/jQuery-File-Upload/commit/d419f43478aeafe95a794815f80a3016f58eb3b7). | |||
The project comes with three sets of tests: | |||
### Supported features | |||
For a detailed overview of the features supported by each browser version, please have a look at the [Extended browser support information](https://github.com/blueimp/jQuery-File-Upload/wiki/Browser-support). | |||
1. Code linting using [ESLint](https://eslint.org/). | |||
2. Unit tests using [Mocha](https://mochajs.org/). | |||
3. End-to-end tests using [blueimp/wdio](https://github.com/blueimp/wdio). | |||
## Contributing | |||
**Bug fixes** and **new features** can be proposed using [pull requests](https://github.com/blueimp/jQuery-File-Upload/pulls). | |||
Please read the [contribution guidelines](https://github.com/blueimp/jQuery-File-Upload/blob/master/CONTRIBUTING.md) before submitting a pull request. | |||
To run the tests, follow these steps: | |||
1. Start [Docker](https://docs.docker.com/). | |||
2. Install development dependencies: | |||
```sh | |||
npm install | |||
``` | |||
3. Run the tests: | |||
```sh | |||
npm test | |||
``` | |||
## Support | |||
This project is actively maintained, but there is no official support channel. | |||
If you have a question that another developer might help you with, please post to [Stack Overflow](http://stackoverflow.com/questions/tagged/blueimp+jquery+file-upload) and tag your question with `blueimp jquery file upload`. | |||
If you have a question that another developer might help you with, please post | |||
to | |||
[Stack Overflow](https://stackoverflow.com/questions/tagged/blueimp+jquery+file-upload) | |||
and tag your question with `blueimp jquery file upload`. | |||
## License | |||
Released under the [MIT license](https://opensource.org/licenses/MIT). |
@ -1,65 +1,118 @@ | |||
# ⚠️ List of fixed vulnerabilities | |||
# List of fixed vulnerabilities | |||
## Contents | |||
- [Potential vulnerabilities with PHP+ImageMagick](#potential-vulnerabilities-with-phpimagemagick) | |||
- [Remote code execution vulnerability in the PHP component](#remote-code-execution-vulnerability-in-the-php-component) | |||
- [Open redirect vulnerability in the GAE components](#open-redirect-vulnerability-in-the-gae-components) | |||
- [Cross-site scripting vulnerability in the Iframe Transport](#cross-site-scripting-vulnerability-in-the-iframe-transport) | |||
## Potential vulnerabilities with PHP+ImageMagick | |||
> Mitigated: 2018-10-25 (GMT) | |||
The sample [PHP upload handler](server/php/UploadHandler.php) before [v9.25.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.25.1) did not validate file signatures before invoking [ImageMagick](https://www.imagemagick.org/) (via [Imagick](http://php.net/manual/en/book.imagick.php)). | |||
Verifying those [magic bytes](https://en.wikipedia.org/wiki/List_of_file_signatures) mitigates potential vulnerabilities when handling input files other than `GIF/JPEG/PNG`. | |||
The sample [PHP upload handler](server/php/UploadHandler.php) before | |||
[v9.25.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.25.1) | |||
did not validate file signatures before invoking | |||
[ImageMagick](https://www.imagemagick.org/) (via | |||
[Imagick](https://php.net/manual/en/book.imagick.php)). | |||
Verifying those | |||
[magic bytes](https://en.wikipedia.org/wiki/List_of_file_signatures) mitigates | |||
potential vulnerabilities when handling input files other than `GIF/JPEG/PNG`. | |||
Please also configure ImageMagick to only enable the coders required for `GIF/JPEG/PNG` processing, e.g. with the sample [ImageMagick config](SECURITY.md#imagemagick-config). | |||
Please also configure ImageMagick to only enable the coders required for | |||
`GIF/JPEG/PNG` processing, e.g. with the sample | |||
[ImageMagick config](SECURITY.md#imagemagick-config). | |||
**Further information:** | |||
* Commit containing the mitigation: [fe44d34](https://github.com/blueimp/jQuery-File-Upload/commit/fe44d34be43be32c6b8d507932f318dababb25dd) | |||
* [ImageTragick](https://imagetragick.com/) | |||
* [CERT Vulnerability Note VU#332928](https://www.kb.cert.org/vuls/id/332928) | |||
* [ImageMagick CVE entries](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=imagemagick) | |||
- Commit containing the mitigation: | |||
[fe44d34](https://github.com/blueimp/jQuery-File-Upload/commit/fe44d34be43be32c6b8d507932f318dababb25dd) | |||
- [ImageTragick](https://imagetragick.com/) | |||
- [CERT Vulnerability Note VU#332928](https://www.kb.cert.org/vuls/id/332928) | |||
- [ImageMagick CVE entries](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=imagemagick) | |||
## Remote code execution vulnerability in the PHP component | |||
> Fixed: 2018-10-23 (GMT) | |||
The sample [PHP upload handler](server/php/UploadHandler.php) before [v9.24.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.24.1) allowed to upload all file types by default. | |||
This opens up a remote code execution vulnerability, unless the server is configured to not execute (PHP) files in the upload directory (`server/php/files`). | |||
The sample [PHP upload handler](server/php/UploadHandler.php) before | |||
[v9.24.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.24.1) | |||
allowed to upload all file types by default. | |||
This opens up a remote code execution vulnerability, unless the server is | |||
configured to not execute (PHP) files in the upload directory | |||
(`server/php/files`). | |||
The provided [.htaccess](server/php/files/.htaccess) file includes instructions for Apache to disable script execution, however [.htaccess support](https://httpd.apache.org/docs/current/howto/htaccess.html) is disabled by default since Apache `v2.3.9` via [AllowOverride Directive](https://httpd.apache.org/docs/current/mod/core.html#allowoverride). | |||
The provided [.htaccess](server/php/files/.htaccess) file includes instructions | |||
for Apache to disable script execution, however | |||
[.htaccess support](https://httpd.apache.org/docs/current/howto/htaccess.html) | |||
is disabled by default since Apache `v2.3.9` via | |||
[AllowOverride Directive](https://httpd.apache.org/docs/current/mod/core.html#allowoverride). | |||
**You are affected if you:** | |||
1. A) Uploaded jQuery File Upload < `v9.24.1` on a Webserver that executes files with `.php` as part of the file extension (e.g. "example.php.png"), e.g. Apache with `mod_php` enabled and the following directive (*not a recommended configuration*): | |||
```ApacheConf | |||
AddHandler php5-script .php | |||
``` | |||
B) Uploaded jQuery File Upload < `v9.22.1` on a Webserver that executes files with the file extension `.php`, e.g. Apache with `mod_php` enabled and the following directive: | |||
```ApacheConf | |||
<FilesMatch \.php$> | |||
SetHandler application/x-httpd-php | |||
</FilesMatch> | |||
``` | |||
2. Did not actively configure your Webserver to not execute files in the upload directory (`server/php/files`). | |||
3. Are running Apache `v2.3.9+` with the default `AllowOverride` Directive set to `None` or another Webserver with no `.htaccess` support. | |||
1. A) Uploaded jQuery File Upload < `v9.24.1` on a Webserver that executes files | |||
with `.php` as part of the file extension (e.g. "example.php.png"), e.g. | |||
Apache with `mod_php` enabled and the following directive (_not a recommended | |||
configuration_): | |||
```ApacheConf | |||
AddHandler php5-script .php | |||
``` | |||
B) Uploaded jQuery File Upload < `v9.22.1` on a Webserver that executes files | |||
with the file extension `.php`, e.g. Apache with `mod_php` enabled and the | |||
following directive: | |||
```ApacheConf | |||
<FilesMatch \.php$> | |||
SetHandler application/x-httpd-php | |||
</FilesMatch> | |||
``` | |||
2. Did not actively configure your Webserver to not execute files in the upload | |||
directory (`server/php/files`). | |||
3. Are running Apache `v2.3.9+` with the default `AllowOverride` Directive set | |||
to `None` or another Webserver with no `.htaccess` support. | |||
**How to fix it:** | |||
1. Upgrade to the latest version of jQuery File Upload. | |||
2. Configure your Webserver to not execute files in the upload directory, e.g. with the [sample Apache configuration](SECURITY.md#apache-config) | |||
2. Configure your Webserver to not execute files in the upload directory, e.g. | |||
with the [sample Apache configuration](SECURITY.md#apache-config) | |||
**Further information:** | |||
* Commits containing the security fix: [aeb47e5](https://github.com/blueimp/jQuery-File-Upload/commit/aeb47e51c67df8a504b7726595576c1c66b5dc2f), [ad4aefd](https://github.com/blueimp/jQuery-File-Upload/commit/ad4aefd96e4056deab6fea2690f0d8cf56bb2d7d) | |||
* [Full disclosure post on Hacker News](https://news.ycombinator.com/item?id=18267309). | |||
* [CVE-2018-9206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9206) | |||
* [OWASP - Unrestricted File Upload](https://www.owasp.org/index.php/Unrestricted_File_Upload) | |||
- Commits containing the security fix: | |||
[aeb47e5](https://github.com/blueimp/jQuery-File-Upload/commit/aeb47e51c67df8a504b7726595576c1c66b5dc2f), | |||
[ad4aefd](https://github.com/blueimp/jQuery-File-Upload/commit/ad4aefd96e4056deab6fea2690f0d8cf56bb2d7d) | |||
- [Full disclosure post on Hacker News](https://news.ycombinator.com/item?id=18267309). | |||
- [CVE-2018-9206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9206) | |||
- [OWASP - Unrestricted File Upload](https://www.owasp.org/index.php/Unrestricted_File_Upload) | |||
## Open redirect vulnerability in the GAE components | |||
> Fixed: 2015-06-12 (GMT) | |||
The sample Google App Engine upload handlers before v[9.10.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/9.10.1) accepted any URL as redirect target, making it possible to use the Webserver's domain for phishing attacks. | |||
The sample Google App Engine upload handlers before | |||
v[9.10.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/9.10.1) | |||
accepted any URL as redirect target, making it possible to use the Webserver's | |||
domain for phishing attacks. | |||
**Further information:** | |||
* Commit containing the security fix: [f74d2a8](https://github.com/blueimp/jQuery-File-Upload/commit/f74d2a8c3e3b1e8e336678d2899facd5bcdb589f) | |||
* [OWASP - Unvalidated Redirects and Forwards Cheat Sheet](https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet) | |||
- Commit containing the security fix: | |||
[f74d2a8](https://github.com/blueimp/jQuery-File-Upload/commit/f74d2a8c3e3b1e8e336678d2899facd5bcdb589f) | |||
- [OWASP - Unvalidated Redirects and Forwards Cheat Sheet](https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet) | |||
## Cross-site scripting vulnerability in the Iframe Transport | |||
> Fixed: 2012-08-09 (GMT) | |||
The [redirect page](cors/result.html) for the [Iframe Transport](js/jquery.iframe-transport.js) before commit [4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a) (*fixed in all tagged releases*) allowed executing arbitrary JavaScript in the context of the Webserver. | |||
The [redirect page](cors/result.html) for the | |||
[Iframe Transport](js/jquery.iframe-transport.js) before commit | |||
[4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a) | |||
(_fixed in all tagged releases_) allowed executing arbitrary JavaScript in the | |||
context of the Webserver. | |||
**Further information:** | |||
* Commit containing the security fix: [4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a) | |||
* [OWASP - Cross-site Scripting (XSS)](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)) | |||
- Commit containing the security fix: | |||
[4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a) | |||
- [OWASP - Cross-site Scripting (XSS)](<https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)>) |
@ -1,211 +0,0 @@ | |||
<!DOCTYPE HTML> | |||
<!-- | |||
/* | |||
* jQuery File Upload Plugin AngularJS Demo | |||
* https://github.com/blueimp/jQuery-File-Upload | |||
* | |||
* Copyright 2013, Sebastian Tschan | |||
* https://blueimp.net | |||
* | |||
* Licensed under the MIT license: | |||
* https://opensource.org/licenses/MIT | |||
*/ | |||
--> | |||
<html lang="en"> | |||
<head> | |||
<!-- Force latest IE rendering engine or ChromeFrame if installed --> | |||
<!--[if IE]> | |||
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> | |||
<![endif]--> | |||
<meta charset="utf-8"> | |||
<title>jQuery File Upload Demo - AngularJS version</title> | |||
<meta name="description" content="File Upload widget with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video for AngularJS. Supports cross-domain, chunked and resumable file uploads and client-side image resizing. Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads."> | |||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | |||
<!-- Bootstrap styles --> | |||
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"> | |||
<!-- Generic page styles --> | |||
<link rel="stylesheet" href="css/style.css"> | |||
<!-- blueimp Gallery styles --> | |||
<link rel="stylesheet" href="https://blueimp.github.io/Gallery/css/blueimp-gallery.min.css"> | |||
<!-- CSS to style the file input field as button and adjust the Bootstrap progress bars --> | |||
<link rel="stylesheet" href="css/jquery.fileupload.css"> | |||
<link rel="stylesheet" href="css/jquery.fileupload-ui.css"> | |||
<!-- CSS adjustments for browsers with JavaScript disabled --> | |||
<noscript><link rel="stylesheet" href="css/jquery.fileupload-noscript.css"></noscript> | |||
<noscript><link rel="stylesheet" href="css/jquery.fileupload-ui-noscript.css"></noscript> | |||
<style> | |||
/* Hide Angular JS elements before initializing */ | |||
.ng-cloak { | |||
display: none; | |||
} | |||
</style> | |||
</head> | |||
<body> | |||
<div class="navbar navbar-default navbar-fixed-top"> | |||
<div class="container"> | |||
<div class="navbar-header"> | |||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-fixed-top .navbar-collapse"> | |||
<span class="icon-bar"></span> | |||
<span class="icon-bar"></span> | |||
<span class="icon-bar"></span> | |||
</button> | |||
<a class="navbar-brand" href="https://github.com/blueimp/jQuery-File-Upload">jQuery File Upload</a> | |||
</div> | |||
<div class="navbar-collapse collapse"> | |||
<ul class="nav navbar-nav"> | |||
<li><a href="https://github.com/blueimp/jQuery-File-Upload/tags">Download</a></li> | |||
<li><a href="https://github.com/blueimp/jQuery-File-Upload">Source Code</a></li> | |||
<li><a href="https://github.com/blueimp/jQuery-File-Upload/wiki">Documentation</a></li> | |||
<li><a href="https://blueimp.net">© Sebastian Tschan</a></li> | |||
</ul> | |||
</div> | |||
</div> | |||
</div> | |||
<div class="container"> | |||
<h1>jQuery File Upload Demo</h1> | |||
<h2 class="lead">AngularJS version</h2> | |||
<ul class="nav nav-tabs"> | |||
<li><a href="basic.html">Basic</a></li> | |||
<li><a href="basic-plus.html">Basic Plus</a></li> | |||
<li><a href="index.html">Basic Plus UI</a></li> | |||
<li class="active"><a href="angularjs.html">AngularJS</a></li> | |||
<li><a href="jquery-ui.html">jQuery UI</a></li> | |||
</ul> | |||
<br> | |||
<blockquote> | |||
<p>File Upload widget with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video for AngularJS.<br> | |||
Supports cross-domain, chunked and resumable file uploads and client-side image resizing.<br> | |||
Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads.</p> | |||
</blockquote> | |||
<br> | |||
<!-- The file upload form used as target for the file upload widget --> | |||
<form id="fileupload" action="https://jquery-file-upload.appspot.com/" method="POST" enctype="multipart/form-data" data-ng-app="demo" data-ng-controller="DemoFileUploadController" data-file-upload="options" data-ng-class="{'fileupload-processing': processing() || loadingFiles}"> | |||
<!-- Redirect browsers with JavaScript disabled to the origin page --> | |||
<noscript><input type="hidden" name="redirect" value="https://blueimp.github.io/jQuery-File-Upload/"></noscript> | |||
<!-- The fileupload-buttonbar contains buttons to add/delete files and start/cancel the upload --> | |||
<div class="row fileupload-buttonbar"> | |||
<div class="col-lg-7"> | |||
<!-- The fileinput-button span is used to style the file input field as button --> | |||
<span class="btn btn-success fileinput-button" ng-class="{disabled: disabled}"> | |||
<i class="glyphicon glyphicon-plus"></i> | |||
<span>Add files...</span> | |||
<input type="file" name="files[]" multiple ng-disabled="disabled"> | |||
</span> | |||
<button type="button" class="btn btn-primary start" data-ng-click="submit()"> | |||
<i class="glyphicon glyphicon-upload"></i> | |||
<span>Start upload</span> | |||
</button> | |||
<button type="button" class="btn btn-warning cancel" data-ng-click="cancel()"> | |||
<i class="glyphicon glyphicon-ban-circle"></i> | |||
<span>Cancel upload</span> | |||
</button> | |||
<!-- The global file processing state --> | |||
<span class="fileupload-process"></span> | |||
</div> | |||
<!-- The global progress state --> | |||
<div class="col-lg-5 fade" data-ng-class="{in: active()}"> | |||
<!-- The global progress bar --> | |||
<div class="progress progress-striped active" data-file-upload-progress="progress()"><div class="progress-bar progress-bar-success" data-ng-style="{width: num + '%'}"></div></div> | |||
<!-- The extended global progress state --> | |||
<div class="progress-extended"> </div> | |||
</div> | |||
</div> | |||
<!-- The table listing the files available for upload/download --> | |||
<table class="table table-striped files ng-cloak"> | |||
<tr data-ng-repeat="file in queue" data-ng-class="{'processing': file.$processing()}"> | |||
<td data-ng-switch data-on="!!file.thumbnailUrl"> | |||
<div class="preview" data-ng-switch-when="true"> | |||
<a data-ng-href="{{file.url}}" title="{{file.name}}" download="{{file.name}}" data-gallery><img data-ng-src="{{file.thumbnailUrl}}" alt=""></a> | |||
</div> | |||
<div class="preview" data-ng-switch-default data-file-upload-preview="file"></div> | |||
</td> | |||
<td> | |||
<p class="name" data-ng-switch data-on="!!file.url"> | |||
<span data-ng-switch-when="true" data-ng-switch data-on="!!file.thumbnailUrl"> | |||
<a data-ng-switch-when="true" data-ng-href="{{file.url}}" title="{{file.name}}" download="{{file.name}}" data-gallery>{{file.name}}</a> | |||
<a data-ng-switch-default data-ng-href="{{file.url}}" title="{{file.name}}" download="{{file.name}}">{{file.name}}</a> | |||
</span> | |||
<span data-ng-switch-default>{{file.name}}</span> | |||
</p> | |||
<strong data-ng-show="file.error" class="error text-danger">{{file.error}}</strong> | |||
</td> | |||
<td> | |||
<p class="size">{{file.size | formatFileSize}}</p> | |||
<div class="progress progress-striped active fade" data-ng-class="{pending: 'in'}[file.$state()]" data-file-upload-progress="file.$progress()"><div class="progress-bar progress-bar-success" data-ng-style="{width: num + '%'}"></div></div> | |||
</td> | |||
<td> | |||
<button type="button" class="btn btn-primary start" data-ng-click="file.$submit()" data-ng-hide="!file.$submit || options.autoUpload" data-ng-disabled="file.$state() == 'pending' || file.$state() == 'rejected'"> | |||
<i class="glyphicon glyphicon-upload"></i> | |||
<span>Start</span> | |||
</button> | |||
<button type="button" class="btn btn-warning cancel" data-ng-click="file.$cancel()" data-ng-hide="!file.$cancel"> | |||
<i class="glyphicon glyphicon-ban-circle"></i> | |||
<span>Cancel</span> | |||
</button> | |||
<button data-ng-controller="FileDestroyController" type="button" class="btn btn-danger destroy" data-ng-click="file.$destroy()" data-ng-hide="!file.$destroy"> | |||
<i class="glyphicon glyphicon-trash"></i> | |||
<span>Delete</span> | |||
</button> | |||
</td> | |||
</tr> | |||
</table> | |||
</form> | |||
<br> | |||
<div class="panel panel-default"> | |||
<div class="panel-heading"> | |||
<h3 class="panel-title">Demo Notes</h3> | |||
</div> | |||
<div class="panel-body"> | |||
<ul> | |||
<li>The maximum file size for uploads in this demo is <strong>999 KB</strong> (default file size is unlimited).</li> | |||
<li>Only image files (<strong>JPG, GIF, PNG</strong>) are allowed in this demo (by default there is no file type restriction).</li> | |||
<li>Uploaded files will be deleted automatically after <strong>5 minutes or less</strong> (demo files are stored in memory).</li> | |||
<li>You can <strong>drag & drop</strong> files from your desktop on this webpage (see <a href="https://github.com/blueimp/jQuery-File-Upload/wiki/Browser-support">Browser support</a>).</li> | |||
<li>Please refer to the <a href="https://github.com/blueimp/jQuery-File-Upload">project website</a> and <a href="https://github.com/blueimp/jQuery-File-Upload/wiki">documentation</a> for more information.</li> | |||
<li>Built with the <a href="http://getbootstrap.com/">Bootstrap</a> CSS framework and Icons from <a href="http://glyphicons.com/">Glyphicons</a>.</li> | |||
</ul> | |||
</div> | |||
</div> | |||
</div> | |||
<!-- The blueimp Gallery widget --> | |||
<div id="blueimp-gallery" class="blueimp-gallery blueimp-gallery-controls" data-filter=":even"> | |||
<div class="slides"></div> | |||
<h3 class="title"></h3> | |||
<a class="prev">‹</a> | |||
<a class="next">›</a> | |||
<a class="close">×</a> | |||
<a class="play-pause"></a> | |||
<ol class="indicator"></ol> | |||
</div> | |||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js" integrity="sha384-xBuQ/xzmlsLoJpyjoggmTEz8OWUFM0/RC5BsqQBDX2v5cMvDHcMakNTNrHIW2I5f" crossorigin="anonymous"></script> | |||
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js" integrity="sha384-r6jjWwxAypHaESwS5an5J9dkfzwQuKVNV9FZM9B6fnt8PFuY0cVwLhV7BltCZhLy" crossorigin="anonymous"></script> | |||
<!-- The jQuery UI widget factory, can be omitted if jQuery UI is already included --> | |||
<script src="js/vendor/jquery.ui.widget.js"></script> | |||
<!-- The Load Image plugin is included for the preview images and image resizing functionality --> | |||
<script src="https://blueimp.github.io/JavaScript-Load-Image/js/load-image.all.min.js"></script> | |||
<!-- The Canvas to Blob plugin is included for image resizing functionality --> | |||
<script src="https://blueimp.github.io/JavaScript-Canvas-to-Blob/js/canvas-to-blob.min.js"></script> | |||
<!-- Bootstrap JS is not required, but included for the responsive demo navigation --> | |||
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script> | |||
<!-- blueimp Gallery script --> | |||
<script src="https://blueimp.github.io/Gallery/js/jquery.blueimp-gallery.min.js"></script> | |||
<!-- The Iframe Transport is required for browsers without support for XHR file uploads --> | |||
<script src="js/jquery.iframe-transport.js"></script> | |||
<!-- The basic File Upload plugin --> | |||
<script src="js/jquery.fileupload.js"></script> | |||
<!-- The File Upload processing plugin --> | |||
<script src="js/jquery.fileupload-process.js"></script> | |||
<!-- The File Upload image preview & resize plugin --> | |||
<script src="js/jquery.fileupload-image.js"></script> | |||
<!-- The File Upload audio preview plugin --> | |||
<script src="js/jquery.fileupload-audio.js"></script> | |||
<!-- The File Upload video preview plugin --> | |||
<script src="js/jquery.fileupload-video.js"></script> | |||
<!-- The File Upload validation plugin --> | |||
<script src="js/jquery.fileupload-validate.js"></script> | |||
<!-- The File Upload Angular JS module --> | |||
<script src="js/jquery.fileupload-angular.js"></script> | |||
<!-- The main application script --> | |||
<script src="js/app.js"></script> | |||
</body> | |||
</html> |
@ -1,226 +0,0 @@ | |||
<!DOCTYPE HTML> | |||
<!-- | |||
/* | |||
* jQuery File Upload Plugin Basic Plus Demo | |||
* https://github.com/blueimp/jQuery-File-Upload | |||
* | |||
* Copyright 2013, Sebastian Tschan | |||
* https://blueimp.net | |||
* | |||
* Licensed under the MIT license: | |||
* https://opensource.org/licenses/MIT | |||
*/ | |||
--> | |||
<html lang="en"> | |||
<head> | |||
<!-- Force latest IE rendering engine or ChromeFrame if installed --> | |||
<!--[if IE]><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><![endif]--> | |||
<meta charset="utf-8"> | |||
<title>jQuery File Upload Demo - Basic Plus version</title> | |||
<meta name="description" content="File Upload widget with multiple file selection, drag&drop support, progress bar, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads. Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads."> | |||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | |||
<!-- Bootstrap styles --> | |||
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"> | |||
<!-- Generic page styles --> | |||
<link rel="stylesheet" href="css/style.css"> | |||
<!-- CSS to style the file input field as button and adjust the Bootstrap progress bars --> | |||
<link rel="stylesheet" href="css/jquery.fileupload.css"> | |||
</head> | |||
<body> | |||
<div class="navbar navbar-default navbar-fixed-top"> | |||
<div class="container"> | |||
<div class="navbar-header"> | |||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-fixed-top .navbar-collapse"> | |||
<span class="icon-bar"></span> | |||
<span class="icon-bar"></span> | |||
<span class="icon-bar"></span> | |||
</button> | |||
<a class="navbar-brand" href="https://github.com/blueimp/jQuery-File-Upload">jQuery File Upload</a> | |||
</div> | |||
<div class="navbar-collapse collapse"> | |||
<ul class="nav navbar-nav"> | |||
<li><a href="https://github.com/blueimp/jQuery-File-Upload/tags">Download</a></li> | |||
<li><a href="https://github.com/blueimp/jQuery-File-Upload">Source Code</a></li> | |||
<li><a href="https://github.com/blueimp/jQuery-File-Upload/wiki">Documentation</a></li> | |||
<li><a href= |